research-article

PKI and access control in office environments

Authors:
Christopher Woodward

Baker St. Suite, Erlanger KY

Baker St. Suite, Erlanger KY
View Profile

,
Wasim A. Al-Hamdani

Kentucky State University, East Main, KY

Kentucky State University, East Main, KY
View Profile

InfoSecCD '11: Proceedings of the 2011 Information Security Curriculum Development ConferenceSeptember 2011Pages 20–24https://doi.org/10.1145/2047456.2047459

Published:30 September 2011Publication History

InfoSecCD '11: Proceedings of the 2011 Information Security Curriculum Development Conference

Pages 20–24

ABSTRACT

One of the most common problems associated with network security is access control. Access control is the key to all aspects of security, and it is a point that should be well considered by any security team. A common misconception about access control is that is begins and ends with locked doors, and this is sadly mistaken. Access control limits access to specific area of buildings, which house network servers, offices, terminals, and a host of other devices and data that must be protected. PKI would be useful to the Security Professional, as it creates a Web of Trust between all users on the network, and when that trust is violated, only then does the security team have to jump into action. This technique is being used within the medical field and in many research and development departments across the United States, but is not currently in place in the typical office environment. This method would enhance the overall security of a given office network, provide the security teams with an easier network to maintain, and speed up the flow of data within the office environment.

References

Kiran, S., Lareau, P., and Lyod S. 2002. PKI Basics: A Technical Perspective. PKI Note. http://www.pkiforum.org.Google Scholar
Introduction to Public Key Infrastructure (PKI). http://www.articsoft.comGoogle Scholar
Raina, K. (2003). PKI security solutions for the enterprise: Solving HIPAA, E-Paper Act, and other compliance issues. Danvers, MA 01923: Wiley Publishing. Google ScholarDigital Library
Røstad, L. (2008). Access Control in Healthcare Information Systems: Thesis for the degree of Philosophiae Doctor (PhD). Trondheim, Norway: Norwegian University of Science and Technology.Google Scholar
Whitten A. and J. D. Tygar, Why Johnny Can't Encrypt A Usability Evaluation of PGP 5.0, Proceedings of the 8th USENIX Security Symposium (Washington, D. C., Aug. 23--36, 1999), 169--184. Google ScholarDigital Library

Index Terms

PKI and access control in office environments
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

Cryptography based access control in healthcare web systems
InfoSecCD '10: 2010 Information Security Curriculum Development Conference

Access control is the capacity of a particular subject (user, process) to permit or deny the use of a specific object (data, file). Access control mechanisms can be used in managing physical resources and logical resources. Cryptography access control ...
Read More
Access Control and Information Flow Control for Web Services Security

With the advancement of web services technology, security has become an increasingly important issue. Various security standards have been developed to secure web services at the transport and message level, but application level has received less ...
Read More
Access control in IoT environments: Feasible scenarios
Abstract
The Internet of Things (IoT) is the extension of the internet to the physical world where all objects collect information and interact with their environments with no or little human intervention. They collect and transfer sensitive and private ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
InfoSecCD '11: Proceedings of the 2011 Information Security Curriculum Development Conference
September 2011
111 pages
ISBN:9781450308120
DOI:10.1145/2047456
Conference Chair:
Michael E. Whitman,
Program Chair:
Humayun Zafar
Copyright © 2011 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 30 September 2011
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
access control
cryptography
information assurance
information security
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate18of23submissions,78%
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 1
  Total Citations
  View Citations
- 230
  Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

PKI and access control in office environments

InfoSecCD '11: Proceedings of the 2011 Information Security Curriculum Development Conference

ABSTRACT

References

Cited By

Index Terms

Recommendations

Cryptography based access control in healthcare web systems

Access Control and Information Flow Control for Web Services Security

Access control in IoT environments: Feasible scenarios